Effective Date: October 1, 2025
Last Updated: October 1, 2025
Contact: Eddie Mitchell
π± Privacy-First Design
We do not operate any developer-run servers that collect, store, or process your personal data.
π How Your Data is Stored
Local Storage (On Your Device)
All your data is stored locally on your iPhone or iPad:
- Rituals, quests, campaigns, and achievements
- Daily activity entries and progress logs
- Notes and journal entries
- Progress photos
- XP, levels, and statistics
iCloud Sync (Optional) Optional
If you're signed into iCloud, Fit & Fantasy uses CloudKit to sync your data across your Apple devices. This data is stored in your private iCloud container, which means:
- β
Only you can access this data across your devices
- β
We (the developers) cannot see or access your iCloud data
- β
Your data is encrypted in transit and at rest by Apple
- β
You control iCloud sync in iOS Settings
No Developer Servers Zero Access
We do not operate any developer-run servers that collect, store, or process your personal data.
π Information We Collect
1. Data You Create
When you use the app, the following data is stored locally and optionally synced to your private iCloud:
- Profile Information: Optional display name, XP, level, preferences
- Rituals & Activities: Your tracked habits (e.g., "Exercise," "Meditation")
- Activity Entries: Daily logs with values, notes, timestamps, and XP earned
- Quests & Campaigns: Active challenges, progress, completion dates
- Achievements: Unlocked badges and milestone dates
- Progress Photos: Photos you capture or select
- Settings: App preferences, notification settings, theme choices
2. Health & Fitness Data Planned Feature - Not Yet Active
HealthKit integration is planned but not currently implemented. The app does NOT currently access any HealthKit data. When this feature is released in a future update, it will:
- Require your explicit permission before accessing any health data
- Only read data (never write or modify your health information)
- Keep all health data on your device (never uploaded to servers)
- Be entirely optional (the app works fully without it)
Planned health data types for future integration:
- Step count
- Exercise time (active minutes)
- Active calories burned
- Walking/running distance
- Heart rate
- Sleep analysis
π₯ HealthKit Future Compliance
Important: The current version of Fit & Fantasy does NOT access HealthKit or any health data. HealthKit integration is a planned feature for a future release.
When HealthKit is implemented, it will be entirely optional and used solely for wellness tracking features you explicitly enable. We will NEVER use HealthKit data for advertising, marketing, or data sales to third parties.
3. Camera & Photo Library Access Optional
With your permission, the app can:
- Camera: Capture progress photos during ritual completion
- Photo Library: Select existing photos or save generated progress images
Photos are stored locally in the app's storage and synced to your private iCloud. Photos are never uploaded to our servers or shared with third parties.
4. Technical Information
The app may collect minimal technical data locally for functionality:
- Device model and iOS version (for compatibility)
- App version (for feature availability)
- Crash logs: stored locally by default. If youβve opted in to share analytics with Apple, Apple may collect crash data to improve iOS; we do not receive it.
π― How We Use Your Data
On Your Device Only:
- Sync your data across your Apple devices (via your private iCloud)
- Calculate XP, levels, streaks, and achievements
- Display health metrics and progress charts
- Generate shareable progress images (when you choose to share)
- Provide personalized quest recommendations
No Analytics or Tracking: Zero Tracking
We do not use any third-party analytics, tracking, or advertising services. We cannot see:
- How you use the app
- What features you interact with
- Any of your personal data
π« Data We Do NOT Collect
- β Name, email, or phone number (no accounts required)
- β Physical address or location data
- β Payment information
- β Browsing history or search history
- β Contacts or social connections
- β Advertising identifiers
- β Usage analytics or behavioral tracking
- β Cookies or tracking technologies
π€ Third-Party Services & Data Sharing
Apple Services Only:
Fit & Fantasy uses only Apple's first-party frameworks:
- CloudKit: For syncing to your private iCloud (you control this)
- HealthKit: Planned for future release - Not currently implemented
- PhotoKit: For accessing photos (with your permission)
No Third-Party Services: Zero Third Parties
We do not integrate:
- Analytics services (Google Analytics, Firebase, Mixpanel, etc.)
- Advertising networks (Facebook Ads, Google Ads, etc.)
- Social media SDKs
- Data brokers or marketing platforms
Data Sharing:
We do not sell, rent, or share your personal data with third parties. The only "sharing" is:
- Syncing to your iCloud account (controlled by you)
- When you choose to share a progress image via iOS share sheet
β
Your Privacy Rights & Choices
Control Your Data:
Since all data is stored on your device and iCloud:
- Access: View all your data in the app at any time
- Modify: Edit or delete any ritual, quest, entry, or photo
- Export: Share progress summaries as images
- Delete Everything: Settings β Clear All Data
Control Permissions:
- Camera: iOS Settings β Privacy & Security β Camera β Fit & Fantasy
- Photos: iOS Settings β Privacy & Security β Photos β Fit & Fantasy
- Notifications: iOS Settings β Notifications β Fit & Fantasy
- iCloud Sync: iOS Settings β [Your Name] β iCloud β Fit & Fantasy
Note: HealthKit permissions are not applicable in the current version. When HealthKit integration is released, you'll control it via: iOS Settings β Privacy & Security β Health β Fit & Fantasy
ποΈ Data Retention
- While You Use the App: All data is retained on your device and in your iCloud
- After Uninstalling: Local device data is deleted immediately; iCloud data persists until you manually delete it
- No Server-Side Retention: We don't retain any data on servers because we don't collect data on servers
πΆ Children's Privacy
Fit & Fantasy is not directed to children under 13 years of age. We do not knowingly collect personal information from children under 13. Since we don't collect data on our servers, any data a child creates would be stored only on their device or their iCloud account.
π Security
Your data security is primarily managed by Apple:
- On-device encryption: iOS encrypts all app data on your device
- iCloud encryption: Data synced to iCloud is encrypted in transit and at rest
- No network transmission: No servers = no network attack surface
Best Practices: Use a strong device passcode, enable Face ID/Touch ID, keep iOS updated, and use two-factor authentication for iCloud.
π International Users & Data Transfers
No developer transfers: We donβt transmit or host your personal data on our servers. Apple manages iCloud storage and transfers under its own policies.
Data Location:
- Your device data is stored wherever your iPhone/iPad is located
- Your iCloud data is stored in Apple's data centers (location depends on your Apple ID region)
No Cross-Border Transfers by Us: Since we don't operate servers, we don't transfer your data internationally. Apple handles iCloud data storage according to their policies.
π Changes to This Privacy Policy
We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated "Last Updated" date. Material changes will be communicated via in-app notification and App Store update notes.
π« App Tracking Transparency & Advertising
Fit & Fantasy does not:
- Track you across other companies' apps or websites
- Serve personalized advertising
- Use advertising identifiers
Therefore, we do not request App Tracking Transparency (ATT) permission.
π California Privacy Rights (CCPA)
If you are a California resident, you have specific rights under CCPA.
For Fit & Fantasy users:
- We don't collect personal information on our servers
- We don't sell personal information
- You control all data via the app and iOS settings
πͺπΊ European Privacy Rights (GDPR)
If you are in the European Economic Area (EEA), you have rights under GDPR.
For Fit & Fantasy users:
- We do not operate servers for your personal data; processing occurs on your device and, if you enable sync, in your private iCloud account operated by Apple.
- We do not receive or access your iCloud-stored personal data.
- You can exercise your rights by managing data in-app (edit/delete), deleting local data (Settings β Clear All Data), and deleting iCloud data in iOS Settings.
- For iCloud infrastructure, see Appleβs privacy documentation.